Monte Santo Resort Privacy Statement
Our Core Beliefs Regarding User Privacy And Data Protection
- User privacy and data protection are a necessity and our duty
- We have the duty of protecting personal data
- Data is a liability, it should only be collected and processed when absolutely necessary
- We loathe spam as much as you do!
- We will never sell, rent or distribute your personal data
- We will not make your personal information public without your consent. Your personal information (name) will be made public only if you wish to make a comment or review on the website.
Relevant LegislationAlong with our business and internal computer systems, this website is designed to comply with the following national and international legislation with regards to data protection and user privacy:
What Personal Information We Collect and WhyHere we describe what information is collected and reasons for collecting it. The categories of information collected are as follows:
Site Visit TrackersLike most websites, this site uses Google Analytics (GA) to track user interaction. We use this data to determine the number of people using our site, to better understand how they find and use our web pages and to track their journey through the website.
Reviews and CommentsShould you choose to add a comment or review on our site, the name and email address you enter with your comment will be saved to this website's database, along with your computer's IP address and the time and date that you submitted the comment. This information is only used to identify you as a contributor to the comment section of the respective blog post and is not passed on to any of the third-party data processors detailed below. Only your name and email address that you supplied will be shown on the public-facing website.
- Remove the comment or
- Remove the blog post.
Forms and Email Newsletter Submissions on The WebsiteIf you choose to subscribe to our email newsletter or submit a form on our website, the email address that you submit to us will be forwarded to a third-party marketing platform service company. Your email address will remain within their database for as long as we continue to use the third-party marketing company's services for the sole purpose of email marketing or until you specifically request removal from the list.
- Email ID
- Postal Code
- IP Address
Email LinksWe only receive an email when a user mails us using an email link. There are no third-party data processors or intermediaries involved.
The data is collated into an email and sent to us over the Simple Mail Transfer Protocol (SMTP). Our SMTP servers are protected by TLS (sometimes known as SSL) meaning that the email content is encrypted before being sent across the internet. The email content is then decrypted by our local computers and devices.
Revenue Recovery EmailsAs part of Revenue Recovery model, we work with re-marketing service companies to send notification messages if you have abandoned your cart without making a purchase. This is for the sole purpose of reminding customers to complete the purchase if they'd wish to. The re-marketing service companies do a real-time capture of your email ID and cookies to send an email invite to complete the transaction if the customer abandons the cart. However, the email ID of the customer is deleted from their database as soon as the purchase is complete.
"Do Not Sell My Data" - Why we don't have itWe do not sell personal information of our customers or of minors below the age of 16 years to third-party data collectors and hence the "Do not sell my data" opt-out button is optional on our website. Reiterating, we may collect your data for the sole purpose of completing a service request or for marketing communications. If you wish to access or erase your personal information, you can do so by submitting your details here.
Important Notice for Minors Sharing Personal InformationIf you are under 16 years of age you MUST obtain parental consent before:
- Submitting a form
- Posting a comment on our blog
- Subscribing to our offer
- Subscribing to our email newsletter
- Making a Transaction
Accessing/Deleting Personal InformationShould you wish to view or delete your personal information, please email us here with the email address used, your name and deletion request. Alternatively, you can fill out the form at the bottom of this page to view and/or delete your data stored with us
Third Party Data ProcessorsWe use a number of third parties to process personal data on our behalf. These third parties have been carefully chosen and all of them comply with the legislation set out in section above. If you request for your Personal information to be deleted with us, the request will also be forwarded to the parties below:
Essential Cookies and Similar TechnologiesThese are vital for the running of our services on our websites and apps. Without the use of these cookies parts of our websites would not function. For example, session cookies allows a navigation experience that is consistent and optimal to user's network speed and choice of device.
Analytics Cookies and Similar TechnologiesThese collect information about your use of our websites and apps and enable us to improve the way it works. For example, analytics cookies show us which are the most frequently visited pages. They also help identify any difficulties you have accessing our services, so we can fix any problems. Additionally, these cookies allow us to see overall patterns of usage at an aggregated level.
Tracking, Advertising Cookies and Similar TechnologiesWe use these types of technologies to provide advertisements that are more relevant to your interests. This can be done by delivering online adverts based on your previous web browsing activity. Cookies are placed on your browser which will store details of websites you have visited. Advertising based on what you have been looking at is then displayed to you when you visit websites that use the same advertising networks.
Data BreachesWe will report any unlawful data breach of this website's database or the database(s) of any of our third party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.
Privacy and Data Policy
Privacy and Personal Data Policy - applicable to Users of this Hospitality Business when making a reservation
Data Controller (we): The Hospitality Business, which will provide to you, the user, the requested service. Our identification and contact details are available on the website you used to make your reservation / to pose your questions to us. They will also appear on our invoice which we'll send to you.
Data Compliance Officer: Not applicable to Data Controllers' activities.
User: You, who filled-in the reservation form or any other documentation related to it.
Purpose: The purpose of processing the data provided through this form is to manage the reservations made by you, user and/or to answer to the questions / requests you posed.
- Either the need to perform our contract with you, user / the need to take steps at your request prior to entering into a contract.
- Or the consent of you, the user, by ticking in the box of acceptance of the Terms and Conditions of which this Privacy and Personal Data Policy is an integral part.
Duration: We will store the data provided by you, the user, during the time necessary for the management of the reservation you made, as well as of the accommodation services you requested. Once the management is finished, your data will be kept for six (6) months. If you consent to receive marketing and/or commercial information, your data will be stored until you revoke your consent.
Processor: We engage our partner Roiback (www.roiback.com) for carrying out the reservations engine of our business. Roiback acts under our authority and we have signed a contract with Roiback for the provision of their services. We have instructed Roiback in written as per how the processing should be done.
Data subjects different from the users: Where you, user, provide us with personal data pertaining to a different data subject from yourself, you are responsible for such acts as well as for obtaining the respective consent of such data subjects for the provisioning of their data.
Transfer of Data: We shall not transfer personal data to a third country outside the EEA (European Economic Area).
Data Subject Rights: Data Subjects can exercise their rights of access, rectification, cancellation and opposition by sending an email or through the postal service to the contact details on our reservation website and on our invoices.
Supervisory Authority: If a data subject considers their rights affected, they can also appeal to the competent supervisory authority of the Member State concerned. More info at: https://ec.europa.eu/info/law/law-topic/data-protection/data-protection-eu_en
Alternative Consumer Dispute Resolution Entity:
Entity: CIMAAL - Center for Information, Mediation and Arbitration of Consumer Disputes in the Algarve